User menu

Search form

You are here

Update: Revision R with PAE enabled attached. Patch is for phpvirtualbox 4.0-4b: This version includes an excellent authentication mechanism. With this revision done, there is no more need for the default password. Really butchered some python I'm afraid - see the damage in inithooks. Sorry Alon!

As of revision R, phpvirtualbox includes authentication. Until I figure it out, the default username and password are admin.

Thanks to the kind dev of phpvirtualbox, Ian Moore, conf now pulls the latest revision of phpvirtualbox. Created Apache configuration for phpvirtualbox (rather than modifying default) and it's now enabled by conf. There's still work to do. But now, /etc/init.d/vboxdrv setup happens post install, after security updates. Download and install of Extension Pack is offered as a choice, post install, post security updates (my first dialog box...I learn stuff). I have added samba, webmin-samba, and have, I think, fully configured a share for at /var/virtualbox/import. So if I understand licensing at all, I think the ISO produced by the patch can be distributed since the installation of the element with the restristive license, extension pack, has been removed and is downloaded based on the user's decision.

I wanted to experiment with my team with what VirtualBox had to offer headlessly. To install to bare metal, I needed an install medium that wouldn't take up a lot of real estate. Core 11.0 to the rescue. (The marks the first I started to feel invested in 64-bit appliances from TKL, btw.)

So we needed an ISO to burn that would take care of Lucid for us and install VirtualBox 4.0 along the way (yes, both ashamed and dirty).

I prolly shouldn't even post this...because, it doesn't use open-source edition of VirtualBox. Part of our experiment was whether VRDP (VRDE now?) can do better for us than VNC with ESXi infrastructure has been doing (so OSE wasn't an option for us).

So, attached is a TKLPatch for VirtualBox 4.0. We haven't gotten far into the experiment

In any event, if there's feedback, I'd love to hear it. If this gets scrubbed since VB isn't open source, I completely understand. But if anyone finds it helpful as we have, the post was worth it.

I won't be able to test this on bare metal til the start of the week; aside from adding to the Twin Peaks factor in my life, creating and modifying virtual machines within a virtual machine seems to go well.

My single concern so far is that the phpVirtualBox web interface has no security [taken care of in the current revision].

Awesome work Rik. I've been wondering about headless VirtualBox for a while but never got around to looking into it seriously. This could be useful for the meta master TurnKey appliance which can in turn run all others. It seems the main practical issue with phpvirtualbox is lack of integrated authentication / security model, though it may be possible to work around this in part at the web server level (e.g., htaccess configuration).

Anyhow, if you look into other options I would be very interested in your experience and opinions regarding how they compare.

FWIW: As of version 4.0-4b, phpvirtualbox features authentication that requires credentials to interface with the vms from the phpvirtualbox web interface. Tested and works lovely. I've given the code just a cursory glance, but so far I haven't figured out the authentication mechanism. I see the hash, but not how/where to manipulate the password.

Ian's given it a default user name and password: admin. When I figure it out, I'll have the password set on first boot with inithook. In the meantime tklpatches for the new version are attached on the original post.

I'll give another go at the code and see if I can't figure out the secret to storing and retrieving passwords.

Run as the user that will run VirtualBox. To encrypt the password you can use PHP:

php -r "echo(hash('sha512','plain-text-password'));"

Taking these from user input, you may have to escape some characters. I tried to use sha512sum from the comand line, but got a different result than PHP gave. I'm not sure which is correct, but since phpVirtualBox uses PHP, it is the way to go.

This is very helpful. Thanks for taking the time, Ian. I look forward to getting an effective dialog built for firstboot over the weekend; I'll upload a revised patch as soon as it's tested and I'm confident in the result.

After installing php5-cli, here's the script I've arrived at for firstboot to set the phpvirtualbox admin password. Perhaps someone can catch what I'm doing wrong? After this runs, the password seems to stay the default ("admin"):

#!/bin/bash

#Script intended to set the password for phpvirtualbox admin account.
#A dialog box should ask for the password.
#A second dialog should ask to confirm the password.
#While first and second are not ==, repeat.
#When the two are ==, use php to pass the hashed password.

#Loop as long as first and second are not the same.
first="admin"
second="root"
while [[ "$first" != "$second" ]]
do
dialog --title "Set phpvirtualbox password for ADMIN" \
--passwordbox Password 10 60 2> /tmp/first

I also tried to rule out a problem with the bash and while loop, and used just the last two lines with a fixed password. I got no errors, but the login for phpvirtualbox was still the defaults. Any insights?

Hrmm.. I don't know. As long as you're outputting it to a file, you should probably use sha512sum instead of PHP though. I know I said PHP first, but I didn't think of it going to a file where sha512sum would be useful. My bad :)

Thanks Liraz. I've looked over the description of TKL's Jeos and have wondered if it might be a better candidate to patch than the Core for this purpose. Is it missing built-ins we may need, or perhaps any bits of bash I might be relying on?

Working now on the problem with (no) authentication from phpvirtualbox (otherwise terrific software). I don't know how I'll handle this as an initscript, but for now I'm using htpasswd in conjunction with .htaccess. I'll update to let interested ones know how it's coming.

My understanding is that Oracle has changed how things are done. Under Sun (up until v4 I think ) if you wanted an OSE version of VBox you either had to use a 3rd party precompiled version (eg from your OS repo if using Linux) or build from source. Oracle seems to have separated the OSE and PUEL parts and now VBox itself is licenced under GPL v2 with the "VirtualBox extensions" (addon) is licenced under their PUEL.

That's how it reads to me from their Downloads page. Although perhaps I've got it all wrong?!

PS Awesome work Rik! :)

PPS Even if it's not Open Source I still think something cool like this is worthy of a Patch. Obviously it'd never make it as a TKL appliance but others would still find it useful no doubt.

Jeremy is correct. VirtualBox is open source. The RDP extension is licensed under their PUEL. An open source VNC based console server (VRDE as they call it) extension is in the works though. This is purely speculation based on virtualbox dev list chatter. Once this is complete, you should be able to run a completely open source VirtualBox environment with console access.

I saw this the other day but was in a hurry and couldn't comment on it. This looks like a very nice appliance! It was my original idea of the tklmaster server (of course with a custom gui) but right now I'm more focused on an OpenVZ version.

But this appliance looks wonderful, and the phpVirtualBox looks like a cool gui! great job!

I thought I was pretty careful with the license, because I felt a high stake in getting it right. Thank you so much for sharing what I wish I had caught on to. So if I understand right, I can take the part of the patch that installs the extension pack out, move it to a script executed from say /usr/local/bin, and we'll have an ISO that can be distributed.

The patched TKL Core works fantastically on a VM. I've just gotten it on bare metal and will report back what I find.

The only part I'm extraoridnarily unhappy with is one of the inithooks - the prompt for the web access password would benefit from a dialog box.

Also, I'll revise services.txt to remove the VBoxWeb line, which does no good.

So as I'm working with the phpvirtualbox server (works great with the latest version) over the patched Core 11.1 I'm realizing there may be a need to incorporate an easy way to move machines or ISOs onto the server. For me there's sftp; but that's not the best solution for everyone.

On one hand, I'm trying to keep it as lean as possible to be most like pseudo-hypervisor as possible.

As I practical matter, however, I'm considering incorporating samba and configuring a share as we did with the ampache patch.

Alternatively, instead of patching Core, we could patch the File Server appliance. What would you suggest, if you were the suggesting type?

I think that just adding Samba (as it looks like you've done) is the go.

BTW great work with this Rik, this looks like an absolute winner!

I think that some of Adrian's code from his TKLDevEnv server could be useful for this project (ie his WebUI which alllows direct download of TKL appliances from the net). That way users could load any VM image or ISO via Samba or alternatively download TKL VM images online.

I took the leap and incorporated Samba for a really very practical reason - I had to get images there myself, so I thought, for that version at least, see what others think. Thanks for the confirmation!

I owe so much to Ian Moore, the dev of phpvirtualbox; he's done a stellar job.

I've run into snags, but they're all with vb, not at all with phpvirtualbox.

I do want to have a look at what Adrian's done. I think it's a great idea to be able to pull down TKL images and ovf/vmdks. I'm quite curious. On the other hand, I'm trying to keep as lean as possible so as not to hog resources. I was reminded (correct me if I'm wrong here) that I'm not able to access the 8 gig of memory I have on the machine because the OS is 32bit and PAE (?) would require kernel retooling (which I've been trepidatious about since 1998 or so).

In any event, I look forward to seeing what Adrian's doing - I'm even more compelled to do so since Liraz suggested that students build their own DevEnv as part of the curriculum. A fantastic idea, so I'm eager to see what one looks like when someone with Adrian's skills has at it.

I faced the same decision when working con TKLDevEnv. It's the best way to get files on the appliance in an easy manner. In the case of TKLDevEnv, I got 4 shares in the appliances, one for base-images, one for projets (uncompress tklpatches), one for patches (the tar.gz) and one for the output (the patched isos).

The TKLDevEnv project is still under development at a slow pace, I use it everyday on my tkl work, as it's pretty mature at the console level. But I wanted this one to be an easy way for starters to make patches. So I went on developing a django webapp for this. My first milestone was to give a way to easily apply a patch via the web app. That milestone is almost done, I think I'm only missing a css issue to make tabs look nicer. A stupid thing that it's surprisingly hard, as I'm not using javascript at all in this first version.

But on my last test I had a regression: during development, I always runned the webserver as root, but when I finally put the app in place running under apache, it can't run tklpatch due to permissions. So that's the current state, I'm looking for some spare time to test a modified version of tklpatch that uses fakechroot instead of chroot (which needs root permission). Sorry I haven't updated the TKLDevEnv thread, you can see my advances on github http://github/adrianmoya there are two projects, tkldevenv-patch and tkldevenv_webapp.

The code that Jed mentions is the tklpatch-getimage command, which uses a precreated file with all the links to the isos at the sourceforge website. The file was created automatically but some changes in sourceforge broke the code so actually it's a "hard-coded" file. I think the time is comming to ask the TKL Duo for a proper service to get download links, now that with your appliance, my tkldevenv and the future tklmaster I'm also working on, we'll need a standar api to get the turnkey images links for download.

BTW, the webapp also brings a download image option, but it just renders the file of available images and calls tklpatch-getimage when you ask to download a file.

Swapping out the regular generic kernel for the PAE enabled kernel is very easy and can be done from the command line. In theory it should work. In theory practice and theory are the same and in practice they aren't. You'll need to test.

As far as I can tell, the PAE enabled patch is a success. I don't know how to tell for sure, but I've got 7 VMs running at a time in a production machine. MOTD recognizes all 8 gig of memory. Is there more testing I should do?

Looks great! Rik, we should work together on getting VMs auto-start / auto-shutdown going. So that VMs automatically start / stop when the system boots and shuts down. Many people have asked for this on my site, but phpVirtualBox being a PHP script that runs from a web page, cannot do this directly.

That, Ian, was my first paid thought of the morning after realizing there was a power outage: what can I do to autostart the virtualbox VMs.

With my skillset, I'm not sure what I can contribute. Actually I've a few ideas - starting with looking into vboxshell.py. Because apparently it exists and I'm curious.

I'll write you directly; having thought about it only briefly, I think it migh be ideal to be able to determine which vms start with which priority via the web interface. From there Python or bash could look up which to start up and in what order. Can this be done without a database layer?

I haven't played much with this in Linux but a few years ago I was having a play with VBox in Windows and getting it to run as a service and start and shutdown VMs automatically (on boot and shutdown). I never actually got it to work as intended (and ended up going with VMware Server as it can do this OOTB from the WebUI) but I'm sure it's doable and I found lots of info about it.

In my experience getting things like this to work is easier in Linux than Windows and with your skills I'm sure you're up for the job! :)

Here's a couple of links that look like they may be useful (the 1st one maybe not so much, but is quite a good overview of VBox at the command line):

I've tried many times loading ISOs located on 9while9 website. On the approx. 420MiB, i just download 120MiB to 190MiB. I'm located in France. I think you could put ISOs on Rapidshare-like service, you will save a lot bandwitch at the same time.

For the moment i will make my own ISO with patch file and TurnKeyLinux master ISO. This take much time and complication (already failed 2 times...).

I also don't pleased with rapidshare terms of services. You can also exploring SourceForge or BerliOS-like solutions (software forge). I don't really know how it works, but it seems be adapted solutions.

If you are one of the lucky people who own an android phone, I just came across a cool app: VirtualBox Remote Manager (for your phone). I haven't actually tested it out but it looks cool and has high ratings.

I've seen what I think is a similar tool for iOS. I haven't tried it because my understanding is that it'll compete with phpvirtualbox for VirtualBox's attention. I haven't looked very closely at it, but that's what I've surmised in my cunning ignorance. I'll give the one for iOS a shot, and then have Steven, one of the students, look at what's available for Android. When spring break is over, naturally.

This is great work! I've installed it directly from the bootable .iso on bare metal and the install couldn't have been smoother. I changed the passwords as prompted on the install and all services are up and running, I can connect to them from a seperate workstation. Truly a nice solution, especially when you can install it on practically any hardware that you have laying around.

I was able to directly copy over the TKL appliance files from my Windows XP workstation to the "import" folder on the appliance using the SMB share. Nice!

I am running into a problem when I try to import the TKL appliance from it's *.ovf file. The Virtual Box admin web page sees the import files and it also picks up the configuration settings from the *.ovf file, but when it attempts to do the import and create the disk file - I get the following error:

"Storage for the medium '/var/virtualbox/VirtualBox VMs/TurnKey Joomla/turnkey-joomla-2009.10-2-hardy-x86.vmdk' is not created"

It has happened on multiple appliance files and I have re-installed the VirtualBox appliance and tried again with the same error message. I'm taking all the defaults on settings and not changing anything that I know of, except by setting the passwords on the install.

Has anyone run into this at all? It almost seems like a file system permissions problem. Do I need to complete some additional steps prior to just doing an import of the *.ovf files? Anyone have insight on this?

The current TKL releases are v11.2 (looks like you are using v2009.10-2 which is quite old). So perhaps it's worth updating to the current version while you are at it? You may need to do some tweaking to get it to all work ok, but TKLBAM should be pretty handy in this instance. OTOH that version is based on Ubuntu 8.04/Hardy and is supported (with security updates etc) until April 2013 so no rush if you're happy.

Secondly, I had a similar error message (with v11.2 TKL Core image on VBox v4.1.4 - WinXP, so different setup but bare with me...), but it still works ok. It looks like VBox complains that the VMDK isn't where it wants it to be (for the new VM) and throws an error but then goes ahead and copies the VM HDD image (VMDK file) to where it wants it to be. So despite the error everything works as it should. Perhaps something similar occurs with the VBox server?

If it errors and stops then perhaps try double checking the path is correct.

Another thing, not sure if you created those paths, or Rik did in the original appliance but Linux is case sensitive (so check the case of the real path and that that VBox is trying to use) and also it's generally good practice to avoid spaces in Linux file & folder names (in my experience strange things can happen sometimes with spaces in Linux paths).

Thanks for the response, those were all great ideas. I've tested them all out and the error persists. The folder structure gets created, but Virtual Box errors out and the VM never gets created in the Virtual Box interface. I may also be using an older *.iso. I'm going to try the most recent patch posted above and I'll feedback if I am more successful with that.

Perhaps you could try just making a new VM? Create it as close to the VMs you had running under XP but when you get to make the virtual harddrive, instead select the vmdk you have already. I assume the headless verion lets you do that like the desktop version does?

I have been working on a VSphere VServer recently (so far not worth the effort IMHO).. the idea of a headless VBox seems awesome. If you could go one more step and tie a few Boxes together and migrate instances (or provide mirroring for instances) that would be pretty cool... Not trying to add work here.

I'm sure I will throw some questions out when I try to implement first time.

I generally am running Vmware ESXI but I have a AP that has been built for VBox that i cannot get to load on ESXI direct. i can load in V-Box but need to get a DNS connection to it, so i am attempting to load this as a machine on a ESXI Box.

First Attempt I did not upgrade packages, then went to a prompt would you like to download and install the VirtualBox Extenstion Pack"..

Reset machine which threw me into a new install routine. This time I am upgrading packages, which of course takes forever... Second time around again though, same error,

"The Vbox Kernel Module is not Available" then a few more lines down.

"Trying to register the Vbox kernel modules using DKMS.... " long pause

Then as I was typing the above the box came up "Wha hoo!"... but now I am stumped by the password in phpvirtualbox.. (I thought I was very clear on input).

Reading the threads above I see this is complicated. Can I reset from Webmin or WebShell?

-------------

update: Tried logging in with the Samba User named Virtual Box.. will try again.

I can't find any 'Admin", "ADMIN" or "admin' users defined anywhere which I had thought I was setting 1 or 2 passwords for in the intall routine.

---------- After Restart I get in /phpvirtualbox

An error occurred communicating with your vboxwebsrv. No more requests will be sent by phpVirtualBox until the error is corrected and this page is refreshed. The details of this connection error should be displayed in a subsequent dialog box.

Today I tried simply installing VBox on a Win2008 Server install followed by a VBox Machine (OVA +VMDK) that is running in ESXI. It wanted to work, but would not on boot because of processor timing errors. The Same OVA Set runs fine on my Laptop in VBox, just I can't give it a real IP to test anything.

Long Story short, I am not sure we can virtualize virtualized processors right now.

That was not the problem outlined above, but I expect it would lead here (possibly not though).. How do I get into the password / user I set for VBox. I can load the Machine (more than I can do in the above reference), I just can't log into Vbox.

Let me first congratulate you all on the fine work you're doing. I've been following TurnkeyLinux for about a year, after I discovered it and started using the Fileserver appliance.

The VirtualBox headless is a very welcome addition. I'm in the process of setting up a server (a 5-year old machine that still works well) and I'd like to implement it, but the patch doesn't seem to work with the new core (12 on Debian). It displays an error when trying to install the kernel headers (I'm out of my depth here, so I'm unsure if there is anything else to be changed in the script and thought I would bring this to your attention).

The new v12.x appliances are all Debian based and so the line that installs kernel headers probably needs to be modified to take that into consideration. OTTOMH I'm not sure what needs to be changed, but a bit of googling on how to install Debian kernel headers and comparision with the patch may make it a bit more obvious what needs to be adjusted. Sorry that's probably not quite the answer you are probably hoping for, but it may get you headed in the right direction...

Thank you for your prompt answer. I asked because perhaps it was just a matter of minutes for someone with the right knowledge to fix this, but you've certainly sent me in the right direction.

I replaced "linux-headers-2.6.32-26-generic \" by "linux-headers-$(uname -r) \" in the conf file of the patch and the install finished this time, but I still cannot make it work (when I visit the server/phpvirtualbox page, I get the server contents and not the configuration).

I'll try to detect the problem and will post on future advances. While we're at it, wouldn't it be better/more secure for the login to phpvirtualbox to go via https instead of http?

At least as an option, if not forced. Adding it as an option (if it's not already) should require only a minor tweak in the Apache config (have a look at the default Apache config (sounds like Ric left that there?) which should be /etc/apache2/sites-available/default. If you want to force https, then I'm not sure if it's the best way, but I have often used mod_rewrite to redirect http to https (the module will probably need enabling: 'a2enmod rewrite'). If you want to force redirect all http to https then you can add the required rewrite rules to the enabled Apache conf (as above location but not called default - not sure what Ric called it but knowing him it should be obvious). If you only want phpVirtualBox redirected to https then you can also use the conf file (as above) or use an .htaccess file in the phpvirtualbox/ dir.

As for why it isn't serving the content, again it's likely that it's an Apache config thing. It may be worth having a look at what the Apache logs say. OTTOMH they should be in /var/log/apache2 or something similar. It may even be as simple as reloading the websever config? 'service apache2 reload'

I was planning on installing VirtualBox directly on Core 12.0 without the patch by following a tutorial, but I'll try again to make it work (my linux knowledge is quite basic and I haven't had enough time to devote to this, but I need it for backups so I'd better do it soon).

My loss is your gain, assuming this works. I don't have a spare machine laying around to try this on but I did spool it up in VMware vSphere and got he phpVirtualBox UI. Have a look and see if this works for you. This patch includes:

virtualbox version 4.1.20 with the Oracle extensions

phpVirtualBox 4.1-10

One note, during setup it asks you for the vbox user password... this is NOT the phpVirtualBox password but the password for the user that it runs as (running as root is bad). To log into the phpVirtualBox UI, use admin/admin.

Hint: for remote desktop (VRDP) to work, you must first restart the system (it has to recognize the extension pack). After that, it worked nicely and I was able to install a TurnkeyLinux fileserver appliance as a VM. I also created a snapshot via phpVirtualBox (had to shut down the appliance first due to a bug, according to phpVirtualBox).

When cd-ing to /home/vbox/VirtualBox VMs, I get dirname: extra operand 'VMs'.

when you try to cd into the "VirtualBox VMs" direectory, what command do you type?

cd /home/vbox/VirtualBox VMs

cd /home/vbox/VirtualBox\ VMs

cd "/home/vbox/VirtualBox VMs"

Numbers 2 and 3 should work fine, but 1 will not.

I just checked and VirtualBox version 4.0 and above use "$HOME/VirtualBox VMs" as the default folder, so when attempting to cd into the folder from the command line, you have to use syntax 2 or 3 above.

I used auto-complete (tab key), so it ended up like cd /home/vbox/VirtualBox\ VMs/

It does change to the right directory, but it displays "dirname: extra operand" error after executing the command. Also, if issue an ls, for example, I get the correct result, but after the list, I get the error message again (I hope I'm being clear).

I just recreated the issue with spaces in the filename on a TurnKey 12.0 core machine when logged in as root. There was a bug report filed awhile ago that's marked as 'fixed' but I've updated the issue with my findings. Hopefully someone from TKL will take a look.

Alon supplied a fix to resolve the "directory name with spaces" issue. This issue seems to affects all of the TKL 12.0 applainces so if you experience this elsewhere it might be worthwhile to validate the contents of your .bashrc file against the launchpad comments

If you take a look at the launchpad issue, there's a fix you can apply to all instances of .basrc (/root/.bashrc and /etc/skel/.bashrc). I am building the patch into a new drop of this VirtualBox headless patch and my other applainces (nzbapp, newznab, subsonic) as I am working on a enw release of them anyway.

I re-installed the system and it worked perfectly. A reboot still seems necessary to get VRDP to work, but I don't think that's much of a nuisance.

I'm trying a couple of other things and noted that the manual partitioning screen in the installer shows some strange data (looks like some variables are being displayed as text).

I'm more than happy with the way this is behaving and this will fulfill my needs for the time being. Nonetheless, here are some additional thoughts on possible improvements:

. RAID1 support during install (unlike other appliances, this will work as a metaserver, so it probably makes sense).

.secure access to phpVirtualBox (https).

.move /home to a separate partition (logical volume?) (I'm not sure about the benefits of this in terms of complexity vs flexibility; also, I'm not lvm savvy, but I think there should be a way to separate the guests from the host for upgrading or reinstalling the system) .

Again, thanks a lot for your help. Let me know if I can be of assistance. I'll try to answer my own questions but it will take some (lots of) studying and trial-and-error (you've already provided some pointers, so I'll start there). If/when I manage to get results, I'll make sure to post some tutorials (I'm not sure I'll be able to modify the patch, but I may even try that).

ProxmoxVE is a free open source bare metal headless hypervisor incorporating both KVM and OpenVZ virtualisation on a minimalist Debian Squeeze base. It includes a powerful set of commandline tools and almost equally powerful custom WebUI. It allows users to have differing level of privelges so you could assign them ownership and control over their own servers, whilst maintaing full overall system control yourself. Since v2 it also incorporates the TKL library of appliances so you can download them as OVZ templates from within the WebUI.

A little frustrating as every bit had to be ordered contrary to expectations and the package from Oracle's repo looked for a dependency that couldn't be resolved. It's not as flexible as Eric's (fewer configureable variables, iirc), but it seems to get things done.

Best wishes, friends.

It's worth a note here that phpVirtualBox's core dev, Ian (if I remember right) is really in a tight spot and needs an adoptive lead developer for the project.

I'm really reliant on phpvirtualbox in our scenario; others must also be. Spread the word to keep this outstanding work moving.

Our advanced tech classes really get good use out of PHPVbox with TKL. They leave 12th grade with basic administration of esxi, xenserver platinum, and, with this in place vbox headless. I'm not sure virt should be part of the curriculum, but I am sure authenticity should be.

[if you read this carefully, it reveals itself to say this: Goldman is scared of KVM.]